<?php
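/**
 * Account checks user credentials against the `account` table and records
 * the authenticated user in the session.
 */
class Account extends App {
	
	function __construct() {
		// Intentionally empty. Because this constructor is defined without calling
		// parent::__construct(), any constructor App declares is not run.
	}
	
	/**
	 * Attempt to authenticate a user and, on success, store the account row
	 * in $_SESSION['user'].
	 *
	 * Any existing $_SESSION['user'] is cleared before the lookup, so a failed
	 * attempt also logs out the previous user.
	 *
	 * @param string|null $username Login name as supplied by the caller.
	 * @param string|null $password Plain-text password as supplied by the caller.
	 * @return bool TRUE when a matching account row was found, FALSE otherwise.
	 */
	public function login($username = null, $password = null)
	{
		// Credentials must be non-empty strings; array or object input (for example
		// from a crafted request body) is rejected before it reaches md5() or the query.
		if (!is_string($username) || !is_string($password) || !$username || !$password) {
			return FALSE;
		}
		
		// Kept as-is: stored hashes were computed from the filtered password, so
		// dropping this call would lock out existing accounts.
		$username = removeBadCharacters($username);
		$password = removeBadCharacters($password);
		
		// Drop any previously authenticated identity before evaluating this attempt.
		unset($_SESSION['user']);
		
		// Values are bound as parameters instead of being interpolated into the SQL
		// text, so the query no longer depends on removeBadCharacters() for safety.
		// NOTE(review): the %s placeholders assume DB is MeekroDB, whose
		// queryFirstRow() accepts placeholder arguments; if DB is another wrapper,
		// use its bound-parameter API instead. TODO confirm.
		//
		// NOTE(review): unsalted MD5 is not a password hash. Migrating to
		// password_hash()/password_verify() needs the stored values to be rehashed
		// (e.g. on next successful login), so it is flagged here rather than changed.
		$login_user = DB::queryFirstRow(
			"select * from account where username=%s and password=%s",
			$username,
			md5($password)
		);
		
		if (empty($login_user)) {
			return FALSE;
		}
		
		// Issue a fresh session id on privilege change so an id that was known
		// before login cannot be reused afterwards. Skipped when no session is
		// active or headers are already sent, where the call would only warn.
		if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
			session_regenerate_id(true);
		}
		
		// NOTE(review): the full row, including the password column, is kept in the
		// session. Consider storing only the fields later code needs.
		$_SESSION['user'] = $login_user;
		return TRUE;
	}
}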
